Portal Users

Administrators are granted permissions to perform advanced actions to manage the broader WorkSpaces estate. In WorkSpaces Manager, these permissions can be granularly assigned to Portal Administrators for specific tasks.

This section allows the delegation of support roles, enabling different users to access the WorkSpaces Manager console with specific administrative rights. For example, you may assign two staff members to manage users with critical roles, where policy dictates that only they are authorized to change the reboot times for those users' WorkSpaces.

Adding a new Administrator

To add a new Portal administrator, click the icon on the right and select Create User

Enter the administrator details, preferably from Active Directory, ensuring that the username is prefixed with your domain name (e.g., CLOUD\username). Then, assign either the SuperAdmin role or the custom Admin role you’ve created.

Restricting users to Accounts, Regions or Directories

For support role delegation, you may want to restrict Portal Administrators to managing WorkSpaces in specific AWS Regions (e.g., a Support team in APAC), specific WorkSpace Directories (e.g., directories containing only Finance and Marketing users), or based on WorkSpace Tags (e.g., where the Department is 'R&D').

With this Admin Role, we've restricted the assigned users to managing WorkSpaces in the eu-west-1, eu-west-2, and eu-central-1 regions, within a specific WorkSpace Directory, and any WorkSpaces in the assigned AWS Account (with multiple options if Multi-AWS accounts are set up). They cannot manage WorkSpaces outside of these parameters (e.g., they cannot terminate or reboot a WorkSpace in us-east-1). You can add or remove Accounts, Regions, and Directories by clicking the bin icon next to them.